<?
require "include/bittorrent.php";
dbconn();
loggedinorreturn();

$searchstr = unesc($_GET["search"]);
$search = searchfield($searchstr);
if (empty($search))
unset($search);

$residence = (int)$_GET['residence'];
$class = (int)$_GET['class'];
$firstchar = trim($_GET["firstchar"]);

$query = "status='confirmed'";

if (isset($search))
{
  $query = "username LIKE " . sqlesc("%$search%") . " AND status='confirmed'";
  $q = "search=" . htmlspecialchars($search);
}
else
{
if ($firstchar)
{
  if ((strpos("abcdefghijklmnopqrstuvwxyz", $firstchar) === false || strlen($firstchar) != 1) && $firstchar != "number")
    $firstchar = "a";
  if ($firstchar == "number")
  $query = "username regexP '^[0-9]' AND status='confirmed'";
  else
  $query = "username LIKE '$firstchar%' AND status='confirmed'";
  $q = "firstchar=$firstchar";
}
}

if ($class)
{
  $query .= " AND class=($class-1)";
  $q .= ($q ? "&amp;" : "") . "class=$class";
}

if ($residence)
{
  $query .= " AND residence=$residence";
  $q .= ($q ? "&amp;" : "") . "residence=$residence";
}

if ($_GET["order"] == "username" || $_GET["order"] == "added" || $_GET["order"] == "last_access" || $_GET["order"] == "class" || $_GET["order"] == "residence" || $_GET["order"] == "gender")
{
$order = $_GET["order"];
$o = "order=$order";
}
else
$order = "username";

$query .= " ORDER BY $order";

if ($_GET["reverse"])
{
if ($order == "added" || $order == "last_access" || $order == "class")
$type = "ASC";
else
$type = "DESC";
$t = "reverse=1";
}
else
{
if ($order == "added" || $order == "last_access" || $order == "class")
$type = "DESC";
else
$type = "ASC";
}

$query .= " $type";

stdhead("Users");

print("<h1>Users</h1>\n");
if (get_user_class() >= UC_MODERATOR)
print("<p><b>[<font size=1><a class=altlink href=/usersearch.php>Administrative User Search</a></font>]</b></p>");
print("<form method=get action=?>\n");
print("Search: <input type=text size=30 name=search value=\"" . htmlspecialchars($searchstr) . "\">\n");
print("<select name=class>\n");
print("<option value=''>(any class)</option>\n");
for ($i=1;$i<=UC_SYSOP+1;$i++)
print("<option value=$i" . ($class && $class == $i ? " selected" : "") . ">" . get_user_class_name($i-1) . "</option>\n");
print("</select>\n");
print("<select name=residence>\n");
print("<option value=''>(any residence)</option>\n");
$res = query("SELECT id,name FROM residences ORDER BY name") or die;
while ($arr = mysql_fetch_array($res))
print("<option value=$arr[id]" . (($residence == $arr[id]) ? " selected" : "") . ">$arr[name]</option>\n");
print("</select>\n");
print("<input type=submit value='Okay'>\n");
print("</form>\n");

print("<p>\n");

	if ($firstchar == "number")
    print("<b>#</b>\n");
	else
    print("<a href=?firstchar=number><b>#</b></a>\n");

for ($i = 97; $i < 123; ++$i)
{
	$l = chr($i);
	$L = chr($i - 32);
	if ($l == $firstchar)
    print("<b>$L</b>\n");
	else
    print("<a href=?firstchar=$l><b>$L</b></a>\n");
}

print("</p>\n");

$page = $_GET['page'];
$perpage = 100;

$res = query("SELECT COUNT(*) FROM users WHERE $query") or sqlerr();
$arr = mysql_fetch_row($res);
if ($arr[0] == '0')
$pages = 1;
else
$pages = ceil($arr[0] / $perpage);

if ($page < 1)
  $page = 1;
else
  if ($page > $pages)
    $page = $pages;

for ($i = 1; $i <= $pages; ++$i)
  if ($i == $page)
    $pagemenu .= "<b>$i</b>\n";
  else
    $pagemenu .= "<a href=?" . ($q ? "$q&" : "") . ($o ? "$o&" : "") . ($t ? "$t&" : "") . "page=$i><b>$i</b></a>\n";

if ($page == 1)
  $browsemenu .= "<b>&lt;&lt; Prev</b>";
else
  $browsemenu .= "<a href=?" . ($q ? "$q&" : "") . ($o ? "$o&" : "") . ($t ? "$t&" : "") . "page=" . ($page - 1) . "><b>&lt;&lt; Prev</b></a>";

$browsemenu .= "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";

if ($page == $pages)
  $browsemenu .= "<b>Next &gt;&gt;</b>";
else
  $browsemenu .= "<a href=?" . ($q ? "$q&" : "") . ($o ? "$o&" : "") . ($t ? "$t&" : "") . "page=" . ($page + 1) . "><b>Next &gt;&gt;</b></a>";

$offset = ($page * $perpage) - $perpage;

$res = query("SELECT users.id, username, added, last_access, class, residence, gender, donor, enabled, warned, parked, name, flagpic FROM users LEFT JOIN residences on residences.id=users.residence WHERE $query LIMIT $offset,$perpage") or sqlerr();
$num = mysql_num_rows($res);
$num2 = number_format(get_row_count("users", "WHERE $query"));

if ($num)
{
print("<p>$browsemenu<br>$pagemenu</p>");

print("<table border=1 cellspacing=0 cellpadding=5>\n");
print("<tr><td class=colhead align=left><a class=altlink_white href=?" . ($q ? "$q&" : "") . "order=username");
if ($order=="username" && $type == "ASC")
print("&reverse=1");
print(">User name</a></td><td class=colhead align=center><a class=altlink_white href=?" . ($q ? "$q&" : "") . "order=added");
if ($order=="added" && $type == "DESC")
print("&reverse=1");
print(">Registered</a></td><td class=colhead align=center><a class=altlink_white href=?" . ($q ? "$q&" : "") . "order=last_access");
if ($order=="last_access" && $type == "DESC")
print("&reverse=1");
print(">Last Access</a></td><td class=colhead align=center><a class=altlink_white href=?" . ($q ? "$q&" : "") . "order=class");
if ($order=="class" && $type == "DESC")
print("&reverse=1");
print(">Class</a></td><td class=colhead align=center><a class=altlink_white href=?" . ($q ? "$q&" : "") . "order=residence");
if ($order=="residence" && $type == "ASC")
print("&reverse=1");
print(">Residence</a></td><td class=colhead algin=center><a class=altlink_white href=?" . ($q ? "$q&" : "") . "order=gender");
if ($order=="gender" && $type == "ASC")
print("&reverse=1");
print(">Gender</a></td></tr>\n");

for ($i = 0; $i < $num; ++$i)
{
  $arr = mysql_fetch_assoc($res);
  if ($arr['residence'] > 0)
    $residence = "<td style='padding: 0px' align=center><img src=/pic/flag/$arr[flagpic] alt=\"$arr[name]\"></td>";
  else
    $residence = "<td align=center>N/A</td>";
  if ($arr['added'] == '0000-00-00 00:00:00')
    $arr['added'] = '-';
  if ($arr['last_access'] == '0000-00-00 00:00:00')
    $arr['last_access'] = '-';
  print("<tr><td align=left><a href=userdetails.php?id=$arr[id]><b>$arr[username]</b></a>" . get_user_icons($arr) . "</td>" .
  "<td>$arr[added]</td><td>$arr[last_access]</td>".
    "<td align=center>" . get_user_class_name($arr["class"]) . "</td>$residence<td align=center>$arr[gender]</td></tr>\n");
}
print("</table>\n");
print("<p>$pagemenu<br>$browsemenu</p>");
}
print("<br><b>Search Results: " . $num2 . " User" . ($num2 != '1' ? "s" : "") . "</b>");

stdfoot();
?>